On 15.06.22 06:03, Kiss Gabor (Bitman) wrote: > On Tue, 14 Jun 2022, Jeremy T. Bouse wrote: > >> Am I understanding correctly and you're saying that even with the server >> down he sent the GDPR notice to you? > > The last keydump is available yet. However I can't imagine how > did he find the 16 keys in the 12 GiB compressed binary mess-up. > And moreover how will I do?
The problem is that the entity processing the data (e.g. stores them) is responsible for deletion the possbility to connect the data to a person. Actually, I don't know in which way one has to prove the act *legally* (aka to be accepted in court); but one is responsible to make the data unable to be connected to a person. IMHO it would be enough to strip any person-identifying information (the uid's alone ??) from a PGP key. To delete the data is just one way to make it un-connectable. -- Steffen
signature.asc
Description: OpenPGP digital signature
